[USN-7819-1] Linux kernel (Azure) vulnerabilities
[USN-7818-1] Apache Subversion vulnerability
[USN-7820-1] Linux kernel (Oracle) vulnerabilities
[USN-7796-4] Linux kernel (Azure FIPS) kernel vulnerabilities
[USN-7819-1] Linux kernel (Azure) vulnerabilities
==========================================================================
Ubuntu Security Notice USN-7819-1
October 13, 2025
linux-azure, linux-azure-5.4 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-azure: Linux kernel for Microsoft Azure Cloud systems
- linux-azure-5.4: Linux kernel for Microsoft Azure cloud systems
Details:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Network drivers;
- Device tree and open firmware driver;
- SCSI subsystem;
- TTY drivers;
- Ext4 file system;
- Network file system (NFS) server daemon;
- SMB network file system;
- Bluetooth subsystem;
- Packet sockets;
- Network traffic control;
- VMware vSockets driver;
(CVE-2025-38350, CVE-2024-57996, CVE-2025-37752, CVE-2025-38617,
CVE-2025-38477, CVE-2025-38083, CVE-2024-38541, CVE-2023-52757,
CVE-2023-52975, CVE-2025-38618, CVE-2024-49950, CVE-2024-50073,
CVE-2025-37785, CVE-2025-21796, CVE-2025-38683, CVE-2025-37797)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
linux-image-5.4.0-1154-azure 5.4.0-1154.161
Available with Ubuntu Pro
linux-image-azure-5.4 5.4.0.1154.148
Available with Ubuntu Pro
linux-image-azure-lts-20.04 5.4.0.1154.148
Available with Ubuntu Pro
Ubuntu 18.04 LTS
linux-image-5.4.0-1154-azure 5.4.0-1154.161~18.04.1
Available with Ubuntu Pro
linux-image-azure 5.4.0.1154.161~18.04.1
Available with Ubuntu Pro
linux-image-azure-5.4 5.4.0.1154.161~18.04.1
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7819-1
CVE-2023-52757, CVE-2023-52975, CVE-2024-38541, CVE-2024-49950,
CVE-2024-50073, CVE-2024-57996, CVE-2025-21796, CVE-2025-37752,
CVE-2025-37785, CVE-2025-37797, CVE-2025-38083, CVE-2025-38350,
CVE-2025-38477, CVE-2025-38617, CVE-2025-38618, CVE-2025-38683
[USN-7818-1] Apache Subversion vulnerability
==========================================================================
Ubuntu Security Notice USN-7818-1
October 13, 2025
subversion vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
Summary:
Apache Subversion could be made to crash if it opened a specially crafted
file.
Software Description:
- subversion: Advanced version control system
Details:
It was discovered that Apache Subversion incorrectly parsed control
characters in filenames. An attacker could possibly use this issue to
commit a corrupted revision to a repository, leading to a denial of
service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS
subversion 1.9.3-2ubuntu1.3+esm2
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7818-1
CVE-2024-46901
[USN-7820-1] Linux kernel (Oracle) vulnerabilities
==========================================================================
Ubuntu Security Notice USN-7820-1
October 13, 2025
linux-oracle vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-oracle: Linux kernel for Oracle Cloud systems
Details:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Ext4 file system;
- Network file system (NFS) server daemon;
- Packet sockets;
- Network traffic control;
- VMware vSockets driver;
(CVE-2025-37785, CVE-2025-38618, CVE-2025-38617, CVE-2024-57996,
CVE-2025-37752, CVE-2025-38477, CVE-2025-21796, CVE-2025-38350)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
linux-image-5.4.0-1149-oracle 5.4.0-1149.159
Available with Ubuntu Pro
linux-image-oracle-5.4 5.4.0.1149.143
Available with Ubuntu Pro
linux-image-oracle-lts-20.04 5.4.0.1149.143
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7820-1
CVE-2024-57996, CVE-2025-21796, CVE-2025-37752, CVE-2025-37785,
CVE-2025-38350, CVE-2025-38477, CVE-2025-38617, CVE-2025-38618
[USN-7796-4] Linux kernel (Azure FIPS) kernel vulnerabilities
==========================================================================
Ubuntu Security Notice USN-7796-4
October 13, 2025
linux-azure-fips vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-azure-fips: Linux kernel for Microsoft Azure Cloud systems with FIPS
Details:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Framebuffer layer;
- BTRFS file system;
- Ext4 file system;
- Network file system (NFS) server daemon;
- Packet sockets;
- Network traffic control;
- VMware vSockets driver;
(CVE-2025-38477, CVE-2025-38617, CVE-2025-21796, CVE-2025-38618,
CVE-2024-49924, CVE-2024-35849, CVE-2025-37785)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS
linux-image-4.15.0-2102-azure-fips 4.15.0-2102.108
Available with Ubuntu Pro
linux-image-azure-fips 4.15.0.2102.98
Available with Ubuntu Pro
linux-image-azure-fips-4.15 4.15.0.2102.98
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7796-4
https://ubuntu.com/security/notices/USN-7796-3
https://ubuntu.com/security/notices/USN-7796-2
https://ubuntu.com/security/notices/USN-7796-1
CVE-2024-35849, CVE-2024-49924, CVE-2025-21796, CVE-2025-37785,
CVE-2025-38477, CVE-2025-38617, CVE-2025-38618
Package Information:
https://launchpad.net/ubuntu/+source/linux-azure-fips/4.15.0-2102.108
